Sajiv Nair, Assistant CTO and Head Managed Services, ESDS Software Solutions explains why healthcare is on the radar of cyber-attacks
As the world recovers from a recent global pandemic, the danger of cyberattacks and data breaches looms larger in the era of digital technology. According to the IoT and OT Global Threat Landscape Assessment Report of 2022, the healthcare sector in India is experiencing a concerning increase in cyberattacks. Currently, India is ranked 11th among the top 20 nations that are most targeted by cyberattacks in the healthcare industry worldwide. According to recent reports, the healthcare industry in India has experienced approximately 1.9 million cyber-attacks until November 2022. Where did these 1.9 million attacks come from? The investigations have revealed that these attacks have originated in China, Pakistan, and Vietnam.
Healthcare organisations are facing a constant threat from attackers who are always on the lookout for new ways to infiltrate their systems. Due to the emergence of new threats regularly, these organisations are finding it difficult to dedicate enough resources to protect their data. Furthermore, the busy schedules of healthcare personnel make it challenging for them to stay up-to-date on cybersecurity risks and prevention measures. The importance of data and the increasing difficulty of maintaining the security posture of their environment invite the high risk of cyber-attacks and the consequential damage financially and in terms of reputation for healthcare organisations. This rise in cyberattacks on the healthcare sector can be attributed to multiple factors.
Let’s understand some of the reasons why healthcare is on the radar of cyber-attacks.
Complicated supply chain: The healthcare system comprises a complex supply chain that includes various components ranging from appointment reminder software, scanning machines, cleaning supplies, climate-controlled transport of drugs, and patient reports. This complexity creates several difficulties in implementing security practices.
Overworked staff: In healthcare, the majority of data privacy breaches occur due to employee errors and unauthorized disclosures. With hospital staff already being overburdened, it’s not surprising that cyber security is not a top priority for most workers.
Outdated devices with data online: Healthcare IT professionals encounter significant challenges in maintaining security due to the extensive network of interconnected medical devices, many of which have varying specifications and originate from multiple manufacturers. Although medical devices may not contain significant amounts of patient data, they can serve as a gateway for hackers to gain access to servers that store large quantities of data. In the healthcare cybersecurity market, it is critical to prioritise the secure maintenance of these entry points to reduce the costs and damage resulting from unauthorised access.
Be aware of ransomware!
Did you know the data that gets leaked or stolen gets on the dark web? In a recent incident involving an Indian healthcare provider, their staff inadvertently clicked on a malicious link, which resulted in their data being made available on the dark Web. It is no surprise that the data of the healthcare industry is quite crucial, especially the data from private institutions which is worth a lot of money to the attackers.
Are you aware that ransomware is one of the most prevalent and devastating types of cyber-attacks that have caused significant harm globally? Ransomware attempts per organisation reached a total of 707 in 2022, establishing it as the most prevalent type of attack. Moreover, the industry faced a significant challenge in 2022 as the average cost of a data breach amounted to Rs 17.6 cr. This average cost has risen by 6.6 per cent since 2021 and nearly 20 per cent since 2020 when it was Rs 14cr.
(Knowledgehut)
Threats healthcare sector must be aware of:
Ransomware: Cybercriminals can impede access to the entire clinical system, which can result in the incapacitation of surgical equipment and life support systems.
Network vulnerability attacks: Attackers can utilise a variety of tactics such as ARP cache poisoning and HTTPS spoofing to target both wired and wireless networks that serve as the vital infrastructure of medical facilities and provide access to patient information. These crimes pose a serious threat to the security and privacy of sensitive medical data.
Phishing: Quickly infiltrating the entire system and network via links or attachments embedded in phishing emails, social media posts, or text messages.
Man-in-the-middle (MITM): During data transfers or conversations, cybercriminals can eavesdrop on private and highly sensitive user information, potentially resulting in substantial losses and penalties for violating confidentiality.
Security awareness: On priority
Unlike other industries like finance or manufacturing, which prioritise data security as a fundamental aspect of their infrastructure, the healthcare sector has been slower to adopt basic security measures. These attacks also risk ongoing patient care functions and processes, which can be life-threatening. To strengthen security measures, healthcare institutions must define and evaluate their security posture and implement effective security monitoring with a good ecosystem to investigate and remediate critical alerts and incidents. Beyond perimeter security monitoring and controls may need to be included in the overall security strategy.
While maintaining a secure environment within the healthcare industry may not be possible for all organisations given the high capex investments and skilled resources required, the services of trusted cybersecurity professionals/organisations could be a solution in this direction.